03-15-2004 04:38 AM - edited 03-02-2019 02:16 PM
Can someone tell me how to setup the ability to only allow a certain network to access one IP address.
I have a Cisco 3640 with two ethernet interfaces. I want the network on ethernet 2 (10.30.30.0) to only be able to access one IP address on ethernet 1 (10.20.20.20) via telnet.
It is running IOS 12.0(7).
Thanks,
Scott
03-15-2004 05:39 AM
try
first
ip access-list 101 permit tcp 10.30.30.0 255.255.255.0 host 10.20.20.20 255.255.255.0 eq telnet
ip access-list 101 permit ip any any
then
int yourEthernet1
ip access-group 101 in
03-15-2004 08:24 AM
Hi,
create access-list
access-list 101 permit 10.30.30.0 0.0.0.255 host 10.20.20.20 eq 21 ! permit telnet
access-list 101 deny ip 10.30.30.0 0.0.0.255 10.20.20.0 0.0.0.255 ! deny all other from 10.30.30.0
access-list 101 permit ip any any ! permit all for the rest
int eth1
access-group 101 out
jh
03-15-2004 08:26 AM
sorry, typo: must be ... eq 23
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: